15 tips about docker

1. Obtain the ID of the recently running container

This is an operation we often use. According to the official example, you can do this (EnvironmentUbuntu):

$ ID=$(docker run ubuntu echo hello world)hello world$ docker commit $ID helloworldfd08a884dc79

This method is useful when writing scripts. For example, you want to obtain IDs in batches in the script and perform further operations. However, this method requires you to assign a value to the ID. If you directly press the command, it is not convenient to do so. In this case, you can change the following method:

$ alias dl=’docker ps -l -q’$ docker run ubuntu echo hello worldhello world$ dl1904cf045887$ docker commit `dl` helloworldfd08a884dc79

The docker PS-L-Q command returns the ID of the recently run container. By setting the alias (alias), the DL command gets the ID of the latest container. In this way, you no longer need to enter the lengthy docker PS-L-Q command. You can obtain the value of the DL command through two oblique quotes, that is, the ID of the recently running container.

2. Specify the software to be installed in dockerfile, instead of directly installing the software using the shell of the docker container.

To be honest, I sometimes like to install software in shell. Maybe you also like to install all the software in shell. However, you still need to specify the Installation File in doockerfile. To install the software in shell, you must:

$ docker run -i -t ubuntu bash # Log on to the docker container[email protected]:/#

Run the following command to install the file:

apt-get install postgresql

Then call Exit:

[email protected]:/# exit

Exit the docker container and run the docker commit command to pass a complicated JSON string to submit a new image:

$ docker commit -run=”{“Cmd”:[“postgres”,”-too -many -opts”] }” `dl` postgres

It's too troublesome, isn't it? Specify the Installation File in dockerfile. There are only two steps:

1. In a small dockerfile, specify the image of the current operation as the parameter of the from command.2. Specify docker commands in dockerfile, such as cmd, enterpoint, and volume to specify the installed software.

3. Super-super-Super User

You may need to always use a Super User to operate docker, as shown in the previous example:

# Add a docker User Group$ sudo groupadd docker# Add yourself to the docker User Group$ sudo gpasswd -a myusername docker# Restart the docker Background Service$ sudo service docker restart# Log out and log on again$ exit

Wow! Three sudo in a row! The "Super User" is the "super-Super User! Don't worry. After the settings are complete, you will no longer need to play so many sudo!

4. Clear garbage

To delete all stopped containers, run the following command:

$ docker rm $(docker ps -a -q)

By the way, the docker ps command is very slow. I don't know why it is so slow. It is reasonable to say that the go language is very fast. Run the docker PS-a-Q command to list the IDs of all containers and then delete the containers according to their IDs. The docker RM command will expire when it encounters a running container, so this command perfectly deletes all the containers that are not running.

5. analysis tool of docker inspect output result: JQ

To filter the output results of docker inspect, use the grep command to perform the following operations:

$docker inspect `dl` | grep IPAddress | cut -d ‘“‘ -f 4 172.17.0.52

Oh! It looks complicated. Use JQ to parse docker inspect output results professionally, which is more readable and easy to use:

$docker inspect `dl` | jq -r ‘.[0].NetworkSettings.IPAddress’ 172.17.0.52

The first '.' indicates all results. '[0]' indicates the first element of the array. Just as javascript accesses a JSON object, it is simple and convenient.

6. What environment variables does the image have?

Sometimes, you need to know which environment variables the image has. Simple! As long:

$ docker run ubuntu env

The output result is as follows:

HOME=/PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bincontainer=lxcHOSTNAME=5e1560b7f757

Calling env to view environment variables is useful for the "Link" mentioned later. These environment variables are used when connecting two containers, for details, refer to the last key point "Link ".

7. Run Command vs cmd command

Docker beginners are more likely to confuse the run and CMD commands.
Run Command is executed when building docker. In this case, the CMD command is not executed. The cmd command is executed only when the Run Command is executed. Let's clarify the relationship. Suppose the content of dockerfile is as follows:

FROM thelanddownunderMAINTAINER crocdundee

We want to install some software in the system:

# Docker build will execute the following command:RUN apt-get updateRUN apt-get install softwares# Dokcer run:CMD [“softwares”]

Execute run during build, run cmd during run, that is, CMD is the final command executed by the image.

8. CMD command vs entrypoint command

There are two confusing commands! For example, assume that the dockerfile of a container specifies the CMD Command, as shown below:

FROM ubuntuCMD [“echo”]

The dockerfile of another container specifies the entrypoint Command, as follows:

FROM ubuntuENTRYPOINT [“echo”]

Run the first container:

docker run image1 echo hello

Result:

hello

Run the second container:

docker run image2 echo hello

Result:

echo hello

Are you seeing the difference? In fact, the CMD command can be overwritten. When the command entered after docker run matches the command specified by CMD, the command specified by CMD is replaced with the command in docker run. The command specified by entrypoint is only an "entry", and all content after docker run is passed to this "entry" instead of replacing the command, so the result is "Echo hello ".

9. Does the docker container have its own IP address?

People who are new to docker may have the following question: does the docker container have its own IP address? Is a docker container a process? Or a virtual machine? Well... Maybe both of them? Haha, in fact, the docker container does have its own IP address, just like a process with an IP address. You only need to execute the command to view IP addresses in the host and docker containers respectively.

View the Host IP Address:

$ ip -4 -o addr show eth0

Expected result:

2: eth0 inet 162.243.139.222/24

View the docker container IP Address:

$ docker run ubuntu ip -r -o addr show eth0

Expected result:

149: eth0   inet 172.17.0.43/16

The two are different, indicating that the docker container has its own IP address.

10. The command line-based thin client uses UNIX socket to communicate with the rest interface of the docker Background Service

By default, docker uses a UNIX socket to communicate with each other, and the port is used to communicate with each other until about 0.5 and 0.6, but now it is changed to a UNIX socket, so the internal details of the docker container cannot be controlled from the outside. Next let's take a look at some interesting things: link the host to the docker UNIX socket:

# Connect to a UNIX socket like an HTTP client$ nc -U / /var/run/docker.sock

After the connection is successful, enter:

GET /images/json HTTP/1.1

After the input, you can press two carriage returns. The second carriage return indicates that the input is complete. Then, the result is:

HTTP/1.1 200 OKContent-Type: application/jsonDate: Tue, 05 Nov 2013 23:18:09 GMTTransfer-Encoding: chunked16aa[{“Repository”:”postgres”,”Tag”:”......

One day, I accidentally typed the submitted name into "-XXX" (I mixed the order of commands and options ), so when I delete it, a problem occurs. docker Rm-xxx regards-XXX as a parameter rather than the image name. So I have to use socket to directly connect to the container and call the rest server to delete the error.

11. Draw image Dependencies

The docker images command has a very popular option:-viz, which can map the image dependency and save it to the image file through pipeline symbols:

# Generating a dependency chart$ docker images -viz | dot -T png -o docker.png

In this way, a PNG image is generated under the current path of the host, and then a micro HTTP server is enabled using Python:

python -m SimpleHTTPServer

Then open it in a browser on another machine:

http://machinename:8000/docker.png

OK. The dependency is clear at a glance!

Note: To use the dot command, the host must install the graphviz package. In addition, if the host IP address is not bound to a domain name, replace machinename with the Host IP address .)

12. Where does docker store everything?

Docker actually puts everything in the/var/lib/docker path. Switch to a Super User and go to/var/lib/docker to see if you can learn a lot of interesting things. Run the following command:

$ sudo su# cd /var/lib/docker# ls -Fcontainers/ graph/ repositories volumes/

You can see many directories. The containers directory is of course the container, the graph directory stores the image, and the file system layer is stored in the graph/imageid/layer path, in this way, you can see what exists in the file layer. By using this hierarchical structure, you can clearly see how the file layer overlays.

13. docker source code: Go, go, go, golang!

The source code of docker is all written in the go language. Go is a very cool language. In fact, it is not just docker. Many excellent software is written in go. For me, four of the docker source files are what I like very much:

Commands. Go

Docker's command line interface is a lightweight encapsulation of rest APIs. The docker team does not want the logic to appear in the command, so commands. Go only sends instructions to the rest API to ensure its small granularity.

Api. Go

Restful API routing (receives requests from commands. Go and forwards them to server. Go)

Server. Go

Implementation of most rest APIs

Buildfile. Go

Dockerfile parser

Some guys are amazed "Wow! How is docker implemented ?! I cannot understand !" It doesn't matter. docker is an open-source software. Just check its source code. If you are not quite clear about the command in dockerfile, go to buildfile. Go to understand it.

14. How many docker background programs are running and then exit the container?

OK, the second to the last. What happens if I run several background programs in docker and exit the docker container? The answer is: do not do this! This is because all background programs are lost.

Use the Run Command in dockerfile to start a background program, such:

RUN pg_ctl start

In this way, the background program enabled by the Run Command will be lost. Call the bash of the container to connect to the shell of the container:

$ docker run -i -t postgresimage bash

Then call PS aux to view the process. You will find that the Postgres process is not running. The Run Command affects the file system. Therefore, do not start the background program in dockerfile, and start the background program as the foreground process. Or, as some experts propose, write a STARTUP script to start these background programs or processes in the script.

15. friendly communication between containers: Links

This is the best feature! I keep it to the final Axis! This is the most important new feature in 0.6.5. We have already mentioned it twice. Run a container and give it a name. In the following example, we use the-name parameter to specify the container name "loldb ":

$ docker run -d -name loldb loldbimage

Run another container, add the-Link parameter to connect to the first container (alias: loldb), and specify an alias for the second container (Cheez is used here ):

$ docker run -link /loldb:cheez otherimage env

By the way, we can get the Cheez environment variable:

CHEEZ_PORT=tcp://172.17.0.8:6379CHEEZ_PORT_1337_TCP=tcp://172.17.0.8.6379CHEEZ_PORT_1337_TCP_ADDR=tcp://172.17.0.12CHEEZ_PORT_1337_TCP_PORT=6379CHEEZ_PORT_1337_TCP_PROTO=tcp

In this way, we establish a network channel (BRIDGE) between the two containers. Based on this, we can create a program similar to rails: A container can accessDatabaseContainer without exposing other interfaces. Very cool! The database container only needs to know the alias of the first container (Cheez in this example) and the port number to be opened. Therefore, the database container can also run the Env command to check whether the port is opened.

 

 

Address: http://www.21ops.com/linux/13512.html